CLI specification #541
CLI specification #541
Conversation
| - `-kvs | --azure-key-vault-client-secret` - The Client Secret to authenticate to the Azure Key Vault. | ||
| - `-kvc | --azure-key-vault-certificate` - The name of the certificate in Azure Key Vault. | ||
| - `-kvm | --azure-key-vault-managed-identity` - Use a Managed Identity to access Azure Key Vault. | ||
|
|
There was a problem hiding this comment.
Do we need [-v|--verbosity <LEVEL>] option here? Maybe customer want to see more details if there is issue with signing process.
There was a problem hiding this comment.
Would be good to know what the options are here for this value to provide as generally the tool is run on the CI, so getting help from the tool directly involves more steps (and it's not as discernable from the code as it's a .NET enum value)
| - `-f | --force` - Overwrites a signature if it exists. | ||
| - `-m | --max-concurrency` - Maximum concurrency (default is 4) | ||
| - `-fl | --filelist` - Path to file containing paths of files to sign within an archive | ||
| - `-fd | --file-digest` - The digest algorithm to hash the file with. |
There was a problem hiding this comment.
I expected it would be enum, right? Which algorithm does it default to?
| - `-fd | --file-digest` - The digest algorithm to hash the file with. | |
| - `-fd | --file-digest` <HASHALGORITHM> - The digest algorithm to hash the file with. |
| - `-tr | --timestamp-rfc3161` - Specifies the RFC 3161 timestamp server's URL. | ||
| - `-d | --description` - Description | ||
| - `-u | --descriptionUrl` - Description Url | ||
| - `-td | --timestamp-digest` - Used with the -tr switch to request a digest algorithm used by the RFC 3161 timestamp server. |
There was a problem hiding this comment.
This one is also expects enum value, right? If yes what are the expected values and default value?
| ``` | ||
| **/ProjectAddIn1.* | ||
| **/setup.exe | ||
| ``` |
There was a problem hiding this comment.
Could we have sample section like dotnet nuget sign?
| The parameters to the signing client are as follows: | ||
|
|
||
| `sign code AzureKeyVault [options] <files>` | ||
|
|
There was a problem hiding this comment.
Could we have Synopsis section like dotnet nuget sign?
docs/cli-spec.md
Outdated
|
|
||
| Signing an archive type (`.zip`, `.nupkg`, `.vsix`) will open up the archive and sign any supported file types. It is strongly recommended to use the `filelist` parameter to explicitly list the files inside the archive that should be signed. Signing is recursive; it will sign contents of any detectected `Zip`, `NuPkg` or `VSIX` files inside the uploaded one. After signing contents of the archive, the archive itself is signed if supported (currently `VSIX`). | ||
|
|
||
| ### File list |
There was a problem hiding this comment.
This is argument, right? Could we create Argument section like https://learn.microsoft.com/en-us/dotnet/core/tools/dotnet-nuget-sign#arguments?
|
@erdembayar, thanks for the feedback. It will not be overlooked. I'm going to move this PR to draft state, as I think @clairernovotny mistakenly published it too early. |
|
I'd like to get this merged asap so there's some docs on the cli usage. We can continue to update the formatting and contents of this doc after. |
Could you please create tracking issue for improvement? Then I can approve it. |
Adds CLI documentation for both Azure-Key-Vault and Certificate-Store commands